Recently, the KISA (Korea Internet & Security Agency) is working on a certificate cryptosystem upgrading project. The object of this project is to improve a stability of an electronic signature algorithm by raising the length of the private key from 1024-bit to 2048-bit. Besides, since a certificate stored on a hard disk of a personal computer may be exposed to hacking attacks, this project advises to store a certificate on a safe storage medium, e.g. HSM (Hardware Security Module).
The HSM uses a smart card chip as a core component, which is known as an anti-hacking device until now. The smart card chip generates a private key and public key pair which is required in a certificate issue process, and performs an electronic signature which is required in a certificate login process.
At present, in a certification authority system, the RSA (Rivest Shamir Adleman) algorithm is used as an electronic signature algorithm. If the RSA algorithm is improved from 1024-bit to 2048-bit, theoretically, it takes about quadruple time or more to perform operations. Specifically, it usually takes 2˜3 seconds and in some cases more than 6 seconds to generate a 1024-bit private key and public key pair in a current smart card chip. If a cryptosystem is improved from 1024-bit to 2048-bit, it usually takes 20˜30 seconds and in some cases more than 60 seconds to generate a 2048-bit private key and public key pair in the current smart card chip.
Therefore, in case of being issued a 2048-bit certificate by using the HSM, a user may feel uncomfortable since it may take more than one minute in an issue process. Hence, the KISA wants to reduce a 2048-bit private key and public key pair generation time in the HSM within a few seconds, but a technology solving the above requirement has not yet been suggested.
Meanwhile, the smart card chip can be used as HSM type by using NFC (Near Field Communication). The NFC technology is a communication technology that the smart card chip directly generates a power by using electromagnetic waves emitted from a wireless terminal and communicates with the wireless terminal. The NFC technology has advantages that no battery is required and the security is excellent owing to short connection distances. However, there is a problem that the smart card chip has difficulty in generating enough power to perform the private key and public key pair generation. In addition, it is impossible for the current smart card chip to generate the 1024-bit private key and public key pair through NFC.
In order to resolve such problems, the Korean patent No. 10-0651718 suggested a technology that a portable terminal controls a USIM (Universal Subscriber Identification Module) card to pre-generate the private key and public key pair and the USIM card transmits the pre-generated private key and public key pair in response to a request for generating the private key and public key pair.
However, in smart phone environments providing various services, it is very difficult for the portable terminal to judge the standby time of the smart card chip and control the smart card chip to pre-generate the private key and public key pair. In particular, the smart card chip using NFC does not have enough standby time since the smart card chip can connect with the portable terminal in use. Therefore, it is very difficult for the smart card chip to pre-generate the private key and public key pair in the way according to the above patent. In addition, the initial process using the HSM is a process of being issued a certificate by using the private key and public key pair generated in the smart card chip. Until then, the smart card chip does not usually have enough time to pre-generate the private key and public key pair.
Therefore, there is a demand for new scheme that the smart card chip using NFC can efficiently generate the private key and public key pair.